Community post by Andres Vega from ControlPlane and Michael Crenshaw from Argo CD

Argo CD provides deployment flexibility, which enables operators to configure it to varying situations. The new report by ControlPlane provides a comprehensive threat modeling analysis of a typical production setup of Argo CD and accompanying security considerations.

The report assets include visualizations of the identified threat landscape in the form of attack trees. These attack trees may be used to guide non-technical stakeholders through the model in order to support the justification of the implementation of controls. Additional assets include the deployment architecture and the code to reproduce it for validation.

By following the recommendations, end users will strengthen defense and reduce risk, whilst unlocking the outcomes that Declarative GitOps and Progressive Delivery enable. 

Have look at the full report.